Spring World 2018

Conference & Exhibit

Attend The #1 BC/DR Event!

Fall Journal

Volume 30, Issue 3

Full Contents Now Available!

Industry Hot News

Industry Hot News (467)

With the end of September’s National Preparedness Month, incident response professionals may get questions from colleagues about how their organization responds to natural disasters or other major disruptions.

Communications is an especially important element of disaster response. Small businesses may find calling trees sufficient, but larger enterprises and government agencies often depend on advanced communications and information technology.

Organizations have three options for deploying incident response communications infrastructure:

...

https://www.onsolve.com/blog/managed-saas-vs-traditional-saas-choose-best-option-organization/

For Cybercriminals, it’s a Match Made in Heaven

This is an age in which ransomware has made the barrier to entry for would-be cybercriminals lower than ever. And, with the proliferation of IoT devices, for attackers, there’s ample opportunity to compromise smart devices. And the convergence of these two threats has certainly attracted the interest of cybercriminals.

Ransomware and IoT are colliding – and the impact has created the perfect storm for cybercriminals.

At a high level, ransomware encrypts its victims’ data or blocks their access to a computer system or network until a sum of money is paid. With lower execution costs, high returns and minimal risk of discovery (compared to other forms of malware), ransomware has quickly become a preferred method of attack for cybercriminals. And it’s now easier than ever for virtually anyone – even individuals with minimal security knowledge – to extort money from companies and individuals through do-it-yourself ransomware toolkits or via the services of a Ransomware-as-a-Service (RaaS) provider.

When it comes to the popularity of ransomware as an attack vector, the numbers don’t lie. An August 2016 report from Osterman Research found that, during the course of the previous 12 months, nearly 50 percent of the companies surveyed were the victim of a ransomware attack. And Kaspersky’s Q1 Lab Malware Report revealed a 250 percent rise in mobile ransomware during the first few months of 2017. The business model of ransomware has proven highly lucrative, and there’s no sign that the malware will go away anytime soon.

...

http://www.corporatecomplianceinsights.com/ransomware-marries-iot/

Monday, 16 October 2017 14:57

When Ransomware Marries IoT

Emergencies Aren’t Biased

Small companies can fall victim to a dangerous mindset of thinking they are too small to take formal precautions against crises. They believe that fancy emergency notification systems are relegated to the companies with thousands of employees scattered around the globe. While the magnitude of the emergency may scale with the size of the company, even the smallest mom and pop company needs a plan and a system to communicate when an unexpected event occurs.

The truth is, emergencies can happen anywhere, anytime, to anyone. All we have to do is look at the crazy hurricane season we will thankfully see coming to an end in the coming weeks. Hurricanes Harvey, Irma, Maria and Nate paid no attention to whether or not the buildings they destroyed were owned by a large or small company. They didn’t care if four employees were displaced or 4,000. It was of no concern as to which streets would be impassable and how long the power would be out.

...

https://www.alertmedia.com/no-youre-not-too-small-for-a-notification-system/

Blockchain technology related topics are gaining a lot of attention lately, most of the attention is focused on cryptocurrency such as Bitcoin.  Some predict it as the new internet revolution which could lead to new technological innovations in economics and social transformations.

Blockchain is running on a peer-to-peer network, with many distributed nodes and supporting independent computer servers globally.  Part of it is implemented without any centralized authority and has a built-in fraud protection and consensus mechanism, such as the concept of Proof-of-Work, where peer computers in nodes approve every requirement for the generation of a new set of transactions or block to be added to the database a.k.a. “Block Chain”.

It also has a built-in check and balance to ensure a set of colluding computers can’t game the system.  Blockchain also brings in an element of transparency, which reduces fraud as the entire chain is visible and auditable.

...

http://www.bcinthecloud.com/2017/10/blockchain-for-business-continuity-and-disaster-recovery/

(TNS) - The heavy winds that downed power lines Sunday night at the start of the deadly wildfires raging across Northern California were far from “hurricane strength,” as PG&E has claimed, according to a review of weather station readings.

On Tuesday, the Bay Area News Group reported that Sonoma County emergency dispatchers sent fire crews to at least 10 reports of downed power lines and exploding transformers as the North Bay fires were starting around 9:22 p.m. In response, PG&E said that “hurricane strength winds in excess of 75 mph in some cases” had damaged their equipment, but they said it was too early to speculate what started the fires.

However, wind speeds were only about half that level, as the lines started to come down, the weather station records show. At a weather station in north Santa Rosa where the Tubbs Fire started, the wind gusts at 9:29 p.m. peaked at 30 mph. An hour later, they were 41 mph.

...

http://www.govtech.com/em/disaster/California-Fires-PGE-Power-Lines-Fell-in-Winds-That-Werent-Hurricane-Strength.html

ATLANTA — The fifth annual Great Southeast ShakeOut earthquake drill will take place on October 19 at 10:19 a.m. across the southeast United States.

More than 1.3 million people will participate in this regional event, joining Great ShakeOut Earthquake Drills occurring throughout the nation and in several countries. More than 25 million people around the globe are expected to participate. In addition to safety drills, many participants take extra steps to become more prepared for earthquakes or other disasters.

“While damaging earthquakes may be rarer in the Southeast when compared to other areas, they can occur at any time wherever we work, live, or travel within the region and beyond. Everyone, everywhere should know how to protect themselves from an earthquake,” said Gracia Szczech, FEMA Region IV administrator.

Held annually on the third Thursday of October, the ShakeOut International Day of Action is set for Thursday, October 19, 2017 at 10:19 a.m. During the self-led drill, participants practice how to “Drop, Cover, and Hold On”. For most people, in most situations, the recommended earthquake safety action is to:

  • DROP where you are, onto your hands and knees;
  • COVER your head and neck with one arm and hand, as you crawl for shelter under a nearby table or desk;
  • HOLD ON to your shelter with one hand until shaking stops (remain on your knees and covering your head and neck with your other arm and hand).

The recent M7.1 earthquake that struck near Mexico City serves as a reminder that large, damaging earthquakes occur with little or no warning. Citizens in the southeast and mid-Atlantic states are not immune to earthquakes—the August 2011 M5.8 earthquake in Virginia was felt by an estimated 100 million people and caused approximately $150 million in damage and economic loss.

The ShakeOut is free and open-to-the-public. Participants include individuals, schools, businesses, local and state government agencies, and many other groups. To take part in the ShakeOut, register to participate at www.shakeout.org. Once registered, you’ll receive regular information on how to plan your drill and become better prepared for earthquakes and other disasters.

The Great Southeast U.S. ShakeOut is being coordinated by the Central U.S. Earthquake Consortium, the Federal Emergency Management Agency, the U.S. Geological Survey, and dozens of other partners. ShakeOut is coordinated globally by the Southern California Earthquake Center in Los Angeles, California.

###

FEMA’s mission is to support our citizens and first responders to ensure that as a nation we work together to build, sustain, and improve our capability to prepare for, protect against, respond to, recover from, and mitigate all hazards.

The Need for Aligned Assurance

Today’s changing risk landscape has put increased pressure on assurance functions to simplify their requirements and to provide the board, senior management and other key stakeholders with a complete risk and assurance picture. To do so requires coordinating on the risk universe, risk terminology and ratings. Malcolm Murray and Rafael Go discuss how, in light of this mandate to the board and companywide remit, internal audit is best placed to kick-start and champion these aligned assurance efforts.

In recent years, both the size and scope of the risk landscape has changed dramatically. These changes are driven by the reality that organizations are becoming larger, more complex and more geographically dispersed. Add that to the number of third parties (now including fourth and fifth parties) rapidly proliferating and the increase in digitization efforts that are requiring more robust protection from cyberattacks and data breaches. And, along with all of this, companies are under increased competitive pressure from more digitized competitors.

Despite an increased focus on these new challenges, assurance functions are faced with stagnant resources, having to provide more comprehensive assurance with less. Most organizations’ assurance functions tend to work independently, which adversely affects operations and strategy by lengthening decision-making, slowing down corporate clock speed and increasing the procedural burden. According to research from CEB, now Gartner, 43 percent of compliance executives report that internal partners sometimes avoid the compliance process and 77 percent of business leaders have indicated becoming more risk averse. This leads to a 48 percent reduction in potential top-line growth from foregone corporate opportunities and new projects.

Having separate groups report independently to the board and senior management also means they get an incomplete or, at worst, contradictory picture of the risk landscape. In order to provide comprehensive risk guidance to the business, assurance functions must increase their efforts at aligning their work.

...

http://www.corporatecomplianceinsights.com/audits-increasingly-critical-role-in-grc/

Friday, 13 October 2017 16:22

Audit’s Increasingly Critical Role In GRC

https://ems-solutionsinc.com/blog/caring-for-children-in-a-disaster/

 

By REGINA PHELPS

Disasters affect children differently than they do adults. Learn more about the unique needs of children during and after disasters. Just with all of the disasters in the United States alone, this issue is especially critical to help young ones cope.  The CDC has several great recommendations for the care of children at time of disaster.

Another organization, the Shenandoah Valley Project Impact, the Central Shenandoah Valley’s regional disaster preparedness and mitigation program developed a great set of children’s books both in English and Spanish to help families and their kids cope. You can download them here.

Disaster_Activity_Book_for_Kids_English

Disaster_Activity_Book_for_Kids_Spanish

  • Children’s bodies are different from adults’ bodies.
    • They are more likely to get sick or severely injured.
      • They breathe in more air per pound of body weight than adults do.
      • They have thinner skin, and more of it per pound of body weight (higher surface-to-mass ratio).
      • Fluid loss (e.g. dehydration, blood loss) can have a bigger effect on children because they have less fluid in their bodies.
    • They are more likely to lose too much body heat.
    • They spend more time outside and on the ground. They also put their hands in their mouths more often than adults do.
  • Children need help from adults in an emergency.
    • They don’t fully understand how to keep themselves safe.
      • Older children and adolescents may take their cues from others.
      • Young children may freeze, cry, or scream.
    • They may not be able to explain what hurts or bothers them.
    • They are more likely to get the care they need when they have parents or other caregivers around.
    • Laws require an adult to make medical decisions for a child.
    • There is limited information on the ways some illnesses and medicines affect children. Sometimes adults will have to make decisions with the information they have.
  • Mental stress from a disaster can be harder on children.
    • They feel less of a sense of control.
    • They understand less about the situation.
    • They have fewer experiences bouncing back from hard situations.

https://www.cdc.gov/childrenindisasters/index.html

(TNS) - The catastrophic fires that have ravaged Wine Country this week may be unprecedented in their toll, but they’re only the latest in a wave of infernos that have blasted through the hills and valleys north of San Francisco in recent years. And the trend is likely to worsen.

As temperatures climb across the West and as a sprawling Bay Area expands development into increasingly rural reaches, Northern California is becoming more akin to Southern California, where warm weather and people staking trophy homes along far-flung cliffs and canyons have set the stage for chronic burning, fire experts say.

“I can’t imagine how there isn’t going to be more of this in the future,” said Hugh Safford, an ecologist for the U.S. Forest Service’s Pacific Southwest Region. “It’s shocking what’s happened, but it really isn’t necessarily all that surprising.”

...

http://www.govtech.com/em/disaster/Deadly-Fires-Show-How-Northern-State-is-Becoming-More-Like-Fire-Prone-South.html

(TNS) - The Memphis Police Department is working to build up a short-staffed police force, and in the meantime, the department's director of emergency communications hopes that a new dispatch system will help police answer calls more quickly.

The new dispatch system, Intergraph Mobile for Public Safety, is being installed on laptop computers in police cars.

The system uses global positioning system technology to show dispatchers and police officers exactly where squad cars are located and what kind of calls they're handling.

...

http://www.govtech.com/em/safety/New-GPS-Based-Dispatch-System-Should-Speed-Memphis-Police-Response-Times-Department-Says.html

Page 1 of 3